Acknowledged
Created: Jan 21, 2024
Updated: Jan 30, 2026
Resolved Date: Jan 18, 2026
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace
An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.
CREATE(Triage):(User=admin) CVE-2023-52353 (https://nvd.nist.gov/vuln/detail/CVE-2023-52353)
